SCIM 2.0 Connector
What is SCIM?
SCIM stands for System for Cross-domain Identity Management and was developed to simplify user management in dynamic and rapidly changing infrastructures. The protocol, published by the Internet Engineering Task Force (IETF), provides a standardized schema for users and groups, as well as RESTful APIs that enable CRUD (Create, Read, Update & Delete) operations on SCIM resources.
Our plugin (User Sync) supports the current standard, SCIM 2.0, which was published as IETF RFCs 7643 (core schema) and 7644 (protocol) in 2015.
How SCIM 2.0 works
SCIM is an HTTP-based protocol that follows the client-server principle and exchanges JSON payloads. The SCIM client is the identity provider (IdP), which acts as the single point of truth (SPOT) for the identities in an organization. From the IdP, the identity data is provisioned onward to the service providers (SPs).
With IdPs such as Oracle, Okta or Azure AD, a SCIM client watches the user directory for changes. When users have been added, changed or removed, the changes are forwarded to the target directories or to the SCIM endpoints of a service provider.
On the service provider side, the connector acts as the SCIM server: it authenticates and receives the user management requests sent by the IdP and modifies the target directory as needed.
SCIM Endpoints
Several endpoints are defined in the SCIM RFC. Our SCIM Connector natively supports the /Users and /Groups endpoints.
Endpoint | Description |
---|---|
/Users | Perform CRUD operations on a user resource. |
/Groups | Perform CRUD operations on a group resource. |
Authentication
Our SCIM 2.0 Connector supports
OAuth 2.0 bearer token (recommended for production)
Basic Authentication (only recommended for test and development instances)
Both schemes transmit the secret in the HTTP Authorization header in clear text, so the connector must only be exposed over HTTPS. Treat the bearer token like a password: store it in the IdP's secret store and rotate it if it is ever exposed.
How can I test my SCIM Endpoint?
We built a RESTful API that you can call directly. Here are some API calls you can use to test your SCIM connector.
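As an added example (not the plugin's own code or the calls the page itself lists), the following standard-library Python script exercises the connector's /Users endpoint end to end: it builds the Authorization header for either supported scheme, creates a throw-away user, looks it up with an RFC 7644 filter, deactivates it with a PatchOp and deletes it. The base URL and bearer token are assumed to come from the environment variables SCIM_BASE_URL and SCIM_TOKEN, which are placeholders, not settings of the connector; the connector's actual base path is not stated on this page, so use the one from your own instance.

```python
"""Added example: a minimal SCIM 2.0 smoke-test client (standard library only)."""
import base64
import json
import os
import sys
import urllib.parse
import urllib.request

SCIM_JSON = "application/scim+json"
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
LIST_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:ListResponse"


def auth_header(token=None, username=None, password=None):
    """Authorization header for either scheme the connector accepts.

    Prefer the OAuth 2.0 bearer token; Basic is for test/dev instances only.
    Both put the secret in clear text inside the header, so reach the
    connector over https only.
    """
    if token:
        return {"Authorization": f"Bearer {token}"}
    if username is not None and password is not None:
        creds = base64.b64encode(f"{username}:{password}".encode()).decode()
        return {"Authorization": f"Basic {creds}"}
    raise ValueError("supply a bearer token or Basic credentials")


def scim_headers(auth):
    """SCIM requests and responses use the application/scim+json media type."""
    return {"Accept": SCIM_JSON, "Content-Type": SCIM_JSON, **auth}


def users_url(base_url, user_name=None):
    """/Users, optionally filtered by userName (quotes in the value are escaped)."""
    url = base_url.rstrip("/") + "/Users"
    if user_name is not None:
        escaped = user_name.replace("\\", "\\\\").replace('"', '\\"')
        url += "?" + urllib.parse.urlencode({"filter": f'userName eq "{escaped}"'})
    return url


def user_payload(user_name, given_name, family_name, email, external_id=None):
    """Body for POST /Users; externalId lets the IdP correlate its own record."""
    payload = {
        "schemas": [USER_SCHEMA],
        "userName": user_name,
        "name": {"givenName": given_name, "familyName": family_name},
        "emails": [{"value": email, "primary": True}],
        "active": True,
    }
    if external_id:
        payload["externalId"] = external_id
    return payload


def deactivate_patch():
    """PATCH body that soft de-provisions a user by setting active to false."""
    return {"schemas": [PATCH_SCHEMA],
            "Operations": [{"op": "replace", "path": "active", "value": False}]}


def parse_list_response(body):
    """Return (totalResults, Resources); reject anything that is not a ListResponse."""
    doc = json.loads(body)
    if LIST_SCHEMA not in doc.get("schemas", []):
        raise ValueError("response is not a SCIM ListResponse")
    return doc["totalResults"], doc.get("Resources", [])


def call(method, url, headers, payload=None):
    """One HTTPS round trip; returns (status, body). 4xx/5xx raise HTTPError."""
    data = None if payload is None else json.dumps(payload).encode()
    req = urllib.request.Request(url, data=data, method=method, headers=headers)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status, resp.read().decode()


def smoke_test(base_url, headers):
    """Create, look up, deactivate and delete one throw-away user; return the status codes."""
    name = "scim-smoke@example.com"
    status, body = call("POST", users_url(base_url), headers,
                        user_payload(name, "Scim", "Smoke", name))
    statuses = [status]                                   # expect 201 Created
    user_id = json.loads(body)["id"]
    status, body = call("GET", users_url(base_url, name), headers)
    statuses.append(status)                               # expect 200, totalResults == 1
    assert parse_list_response(body)[0] == 1, "filter did not find the created user"
    statuses.append(call("PATCH", f"{users_url(base_url)}/{user_id}", headers, deactivate_patch())[0])
    statuses.append(call("DELETE", f"{users_url(base_url)}/{user_id}", headers)[0])  # expect 204
    return statuses


# Constructed sample of a GET /Users?filter=... response; not captured from a real connector.
SAMPLE_LIST_RESPONSE = json.dumps({
    "schemas": [LIST_SCHEMA], "totalResults": 1, "startIndex": 1, "itemsPerPage": 1,
    "Resources": [{"schemas": [USER_SCHEMA], "id": "2819c223", "userName": "alice@example.com"}],
})

if __name__ == "__main__":
    # SCIM_BASE_URL and SCIM_TOKEN are assumed environment variables, not connector settings.
    base = os.environ.get("SCIM_BASE_URL")
    if not base:
        sys.exit("set SCIM_BASE_URL (https://...) and SCIM_TOKEN to run against a connector")
    if not base.startswith("https://"):
        sys.exit("refusing to send credentials over plain http")
    print(smoke_test(base, scim_headers(auth_header(token=os.environ["SCIM_TOKEN"]))))
```

Run it as `SCIM_BASE_URL=https://your-instance/scim/v2 SCIM_TOKEN=... python scim_smoke.py`; a healthy connector returns `[201, 200, 200, 204]`. The script refuses plain http on purpose, and `parse_list_response` checks the `schemas` value so that a login page or proxy error returned with status 200 is not mistaken for a search result.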
Differences between our current User Sync Connectors & SCIM Connectors
no 'Sync' button
SCIM 2.0 automates provisioning and de-provisioning while keeping permissions and groups managed in a single system. Because changes are pushed automatically from the SCIM client (usually the identity provider) to the service provider's SCIM server as they happen, there is no sync process to start manually, and a user removed or deactivated in the IdP loses access without waiting for the next scheduled run.